A Precise Termination Condition of the Probabilistic Packet Marking Algorithm

Abstract:

The probabilistic packet marking (PPM) algorithm is a promising way to discover the Internet map or an attack graph that the attack packets traversed during a distributed denial-of-service attack. However, the PPM algorithm is not perfect, as its termination condition is not well defined in the literature. More importantly, without a proper termination condition, the attack graph constructed by the PPM algorithm would be wrong. In this work, we provide a precise termination condition for the PPM algorithm and name the new algorithm the Rectified PPM (RPPM) algorithm. The most significant merit of the RPPM algorithm is that when the algorithm terminates, the algorithm guarantees that the constructed attack graph is correct, with a specified level of confidence. We carry out simulations on the RPPM algorithm and show that the RPPM algorithm can guarantee the correctness of the constructed attack graph under 1) different probabilities that a router marks the attack packets and 2) different structures of the network graph. The RPPM algorithm provides an autonomous way for the original PPM algorithm to determine its termination, and it is a promising means of enhancing the reliability of the PPM algorithm.

Existing System:-

In the existing system PPM algorithm is not perfect, as its termination condition is not well defined.

Without proper termination condition the attack graph constructed by the PPM algorithm would be wrong.

The algorithm requires prior knowledge about the network topology.

Proposed System:-

To propose termination condition of the PPM algorithm, this is missing or is not explicitly defined in the literature.

Through the new termination condition, the user of the new algorithm is free to determine the correctness of the constructed graph.

The constructed graph is guaranteed to reach the correctness assigned by the user, independent of the marking probability and the structure of the underlying network graph.

In this system we proposed a Probabilistic Packet Marking Algorithm to encode the packet in the routers to detect the attacked packets.

To reduce the a constructed graph such that the constructed graph is the same as the attack graph, where an attack graph is the set of paths the attack packets traversed,